A method for synchronizing a binding process among a group of network devices connected to a server that is multi-homed to the group of network devices in provided. The method is executed by a first network device among the group of network devices and includes: receiving, from the server, network traffic associated with a host executing on the server; configuring, using the network traffic, a binding between the first network device and the host and setting a binding status of the first network device for the host to a first status; and transmitting, in response to the setting and via an out-of-band (OOB) channel to a second network device among the plurality of network devices, first binding instructions for causing the second network device set a binding status of the second network device for the host to a second status different from the first status.

Presented herein are techniques to facilitate extending a multiple access Protocol Data Unit (PDU) session and Access Traffic Steering, Switching, and Splitting Low-Layer (ATSSS-LL) policies to an enterprise network. In one example, a method may include obtaining a request for an ATSSS-LL policy for a user equipment (UE) for establishing a multiple access protocol data unit session for the UE via a wireless wide area access network for an enterprise network; and providing to the UE one or more ATSSS-LL rules for the ATSSS-LL policy, an Internet Protocol (IP) address for the multiple access protocol data unit session for the UE, and an identifier for the multiple access protocol data unit session for the UE in which the IP address is utilized for a wireless local area access network connection for the UE established via a wireless local area access network of the enterprise network.

A traffic forwarding method includes determining, by a first network device, a first address resolution protocol (ARP) entry of the access device, where the first ARP entry is used to indicate a mapping relationship among a media access control (MAC) address, an Internet Protocol (IP) address, and an egress port, the egress port includes a standby egress port, and the first network device is connected to the protection link through the standby egress port, receiving traffic sent by a network side, determining whether a fault exists in the first multi-chassis link aggregation group (MC-LAG) link, and when the first network device determines that a fault exists in the first MC-LAG link, sending the traffic to the second network device through the protection link based on a standby egress port number in the first ARP entry, where the standby egress port number is used to indicate the standby egress port.

A traffic forwarding method includes determining, by a first network device, a first address resolution protocol (ARP) entry of the access device, where the first ARP entry is used to indicate a mapping relationship among a media access control (MAC) address, an Internet Protocol (IP) address, and an egress port, the egress port includes a standby egress port, and the first network device is connected to the protection link through the standby egress port, receiving traffic sent by a network side, determining whether a fault exists in the first multi-chassis link aggregation group (MC-LAG) link, and when the first network device determines that a fault exists in the first MC-LAG link, sending the traffic to the second network device through the protection link based on a standby egress port number in the first ARP entry, where the standby egress port number is used to indicate the standby egress port.

Embodiments of the present disclosure provide systems, methods, and non-transitory computer storage media for detecting abnormal behavior of device in an enterprise network based on an analysis of behavioral information of the device's neighbors in network. At a high level, embodiments of the present disclosure employ a hive-mind approach to determine anomalous behavior of a device in a network based on analyzing behavior information reported by neighboring devices within the network. Embodiments identify that a device is alive and connected within the network based on multiple neighboring devices reporting behavioral information about the device; however, the device may be dysfunctional and failing to report its own information. By aggregating and analyzing behavioral information of a device based on the reporting information of its neighboring devices, embodiments of the present disclosure are able to determine whether a device is healthy even when the device is unable to report its own information.

Embodiments of the present disclosure provide systems, methods, and non-transitory computer storage media for detecting abnormal behavior of device in an enterprise network based on an analysis of behavioral information of the device's neighbors in network. At a high level, embodiments of the present disclosure employ a hive-mind approach to determine anomalous behavior of a device in a network based on analyzing behavior information reported by neighboring devices within the network. Embodiments identify that a device is alive and connected within the network based on multiple neighboring devices reporting behavioral information about the device; however, the device may be dysfunctional and failing to report its own information. By aggregating and analyzing behavioral information of a device based on the reporting information of its neighboring devices, embodiments of the present disclosure are able to determine whether a device is healthy even when the device is unable to report its own information.

Cloud based router with policy enforcement. In some implementations, a system is provided. The system includes a plurality of access points. The plurality of access points receive data packets from a plurality of client devices. The system also includes a plurality of tunnel devices coupled to the plurality of access points. The plurality of tunnel devices generate encapsulated packets based on the data packets received by the plurality of access points. The system further includes a plurality of packet forwarding components coupled to the plurality of tunnel devices via a first set of tunnels. The plurality of packet forwarding components receive the encapsulated packets from the plurality of tunnel devices and forward the encapsulate packets. The system further includes a plurality of network access controllers coupled to the plurality of packet forwarding components via a second set of tunnels. The plurality of network access controllers enforce one or more network policies for the plurality of client devices, as the plurality of client devices move between the plurality of access points.

Methods and apparatus are disclosed for configuring one or more processors to implement service function chains comprising one or more virtualised service functions. A method according to one aspect, performed by a processing module (330) implemented on one or more processors (30), involves steps being performed in respect of at least one new virtualised service function (33) to be included in a service function chain of: determining a position in the service function chain at which the new virtualised service function (33) is to be included; allocating at least one internal address to the new virtualised service function, the at least one internal address being an address to be usable by a switching processor (34); and providing to the switching processor (34) an indication of the at least one internal address allocated to the new virtualised service function (33).

A pool or spa system includes networked pool or spa devices that can be dynamically configured with network address by a controller. The controller can transmit a device discovery request on a network and can receive a discovery response from pool or spa devices that require a network address. The system determines and assigns the network addresses for the pool or spa devices based on unique device identifiers associated with the responding pool or spa devices. The network addresses assigned to the pool or spa device are transmitted to the pool or spa device to be used by the pool or spa devices to communicate with the controller over the network. The system can be used to discover and assign addresses to various types of pool or spa devices, such as pumps, underwater lights, chlorinators, water feature controllers, remote controllers, and/or other types of devices.

A pool or spa system includes networked pool or spa devices that can be dynamically configured with network address by a controller. The controller can transmit a device discovery request on a network and can receive a discovery response from pool or spa devices that require a network address. The system determines and assigns the network addresses for the pool or spa devices based on unique device identifiers associated with the responding pool or spa devices. The network addresses assigned to the pool or spa device are transmitted to the pool or spa device to be used by the pool or spa devices to communicate with the controller over the network. The system can be used to discover and assign addresses to various types of pool or spa devices, such as pumps, underwater lights, chlorinators, water feature controllers, remote controllers, and/or other types of devices.